Blogroll

Using Ubuntu PPA packages with Debian or Crunchbang

Ah, the joys of package management. Every linux distribution flavour has a package management tool – even the venerable Slackware – to ensure the otherwise near-impossible task of installing programs and their dependencies and updating them to the latest versions is made possible for mere mortals.

Ubuntu, based on Debian, uses the same apt-get and dpkg tools. But as the pace of development at Ubuntu is much quicker and has a broader reach of users and developers than vanilla Debian, Canonical introduced PPA – personal package archives – on its Launchpad service to allow developers to create and maintain their own packages that can be accessed by Ubuntu users through apt-get, without having to bring them into the Ubuntu official release package tree itself.

While built for Ubuntu releases specifically, these packages can be used with Debian – and therefore Crunchbang – without much hassle. Two things are needed: firstly the location of the archive, usually an http:// or https:// web address; secondly the GPG encryption key that is used to sign the .deb packages, ensuring that the software you are installing on your computer with root permissions is, at least to a point, trusted.

In Ubuntu this is taken care of either using the add-apt-repository command, or by adding the package source using the Synaptic package manager GUI app. Neither comes with the stripped down and Gnome/KDE-free Crunchbang.

Instead we go old school again and edit the text file that the graphical app would be doing for us anyway, /etc/apt/sources.list. In this case, I’m installing the Darktable photo management and editing package, a sort of open source Adobe Lightroom. The PPA address can be found from the Ubuntu PPA achive on Launchpad. A search reveals the individual page(s) for Darktable.

In this example, there are three pages for Darktable, darktable-release, -release-plus, and -unstable. I’m using the cutting edge -unstable release in this case. Debian Squeeze (6.0.1) came out in February 2011, but I’ve used packages from the Ubuntu 10.04 “Lucid Lynx” release from April 2010 as it is a Long Term Support version and will continue to be updated long after Ubuntu 10.10 “Maverick Meercat” has been archived. Click the green link marked Technical Details about this PPA to reveal the source lines we need, beginning with deb:

We need to add the following text to /etc/apt/sources.list:
deb http://ppa.launchpad.net/pmjdebruijn/darktable-unstable/ubuntu lucid main
deb-src http://ppa.launchpad.net/pmjdebruijn/darktable-unstable/ubuntu lucid main

Darktable-unstable is the cutting-edge version in this case. The same deb line but substituting the words “darktable-release” would install from the more stable branch.

Running sudo apt-get update will force apt to add the new PPA repository to its list, but it will complain that it doesn’t have the GPG encryption keys we need to install packages:
Hit http://ppa.launchpad.net lucid/main Sources
Hit http://ppa.launchpad.net lucid/main amd64 Packages
Fetched 634 B in 0s (1,172 B/s)
Reading package lists... Done
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40C18E9EC07EE05F
[...]

To add the key we use the apt-key tool. Under the PPA source lines on the Darktable page, under the title Signing Key is an eight-character key, prefixed with 1024R/ (= 1024-bit RSA encryption). The key is per-user, so will be the same for each of the Darktable releases created by Pascal de Bruijn. To add it to our GPG keychain, the command we need is:
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C07EE05F

Follow this with another sudo apt-get update, and we’re done. You can install away using the usual method, for example: sudo apt-get install darktable.

It’s a little less polished than Ubuntu’s tools, but what you lose in convenience you gain in speed and responsiveness, and a better understanding of how the system works underneath – a price worth paying, imho.